api-security

Star

Here are 169 public repositories matching this topic...

Language:All

Filter by language

All169 JavaScript25 Python18 Go17 Java16 TypeScript13 C#12 Shell8 PHP6 C++3 Rust3

Sort:Most stars

Sort options

Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

jassics /security-study-plan

Star4.6k

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

cybersecurity infosec application-security pentesting study-guide appsec aws-security study-plan security-testing api-security azure-security appsec-tutorials gcp-security devsecops-university cybersecurity-education study-planner

UpdatedJan 29, 2025

arainho /awesome-api-security

Star3.2k

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

security fuzzing infosec awesome-list pentest api-security api-pentest api-sec apisec api-hacking api-hunting api-hacks api-hardening

UpdatedNov 30, 2024

inonshk /31-days-of-API-Security-Tips

Star2.1k

This challenge is Inon Shkedy's 31 days API Security Tips.

security bug-bounty infosec bugbounty pentest api-security bugbountytips api-pentest

UpdatedApr 20, 2022

API-Security /APIKit

Star2.1k

APIKit：Discovery, Scan and Audit APIs Toolkit All In One.

burp-extensions api-security api-sec apisec

UpdatedApr 2, 2024
Java

HolyBugx /HolyTips

Star1.8k

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

api checklist security web webapp pentesting writeups bugbounty pentest websecurity api-security bugbountytips bugbounty-writeups

UpdatedSep 5, 2021

wallarm /gotestwaf

Star1.6k

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

security waf owasp bugbounty web-application-firewall security-tools web-application-security security-testing graphql-security api-security rest-security grpc-security

UpdatedFeb 12, 2025
Go

metlo-labs /metlo

Star1.6k

Metlo is an open-source API security platform.

aws security monitoring api-gateway cybersecurity infosec application-security vulnerabilities bugbounty pentest vulnerability-detection api-security api-pentest infosectools bugbounty-tools metlo

UpdatedMay 15, 2024
TypeScript

akto-api-security /akto

Star1.2k

Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure

security authentication authorization api-testing hacktoberfest api-discovery owasp-top-10 devsecops security-testing api-security sensitive-data-exposure threat-detection idor devsecops-pipeline hacktoberfest2023 api-security-testing api-security-posture

UpdatedMar 24, 2025
Java

blst-security /cherrybomb

Star1.2k

Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

api cli open-source http security best-practices openapi cybersecurity web-security business-logic cyber security-tools websecurity openapi3 web-sec-scanner api-security firecracker blst

UpdatedOct 25, 2024
Rust

openappsec /openappsec

Star1.1k

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

nginx kubernetes rate-limiting waf owasp kong application-security appsec web-application-firewall security-tools owasp-top-ten devsecops api-security nginx-proxy-manager threat-prevention

UpdatedMar 24, 2025
C++

Safe3 /uuWAF

Star1k

An industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.

nginx security ddos api-gateway waf xss owasp sql-injection application-security modsecurity web-application-firewall data-mask hips rasp api-security waap web-security-gateway uuwaf uusec-waf uusec

UpdatedMar 24, 2025
C

Zeyad-Azima /Offensive-Resources

Sponsor

Star954

A Huge Learning Resources with Labs For Offensive Security Players

api infrastructure learning security mobile web hack hacking owasp cybersecurity web-security mobile-security offensive offensive-security red-team owasp-top-10 cloud-security redteam api-security red-teaming

UpdatedJul 13, 2022

dsopas /MindAPI

Star838

Organize your API security assessment by using MindAPI. It's free and open for community collaboration.

hacking methodology mindmap api-security mindapi

UpdatedFeb 3, 2025

wallarm /awesome-nginx-security

Star753

🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)

nginx kubernetes security webserver waf load-balancer apigateway application-security awesome-list naxsi modsecurity nginx-server nginx-configuration mod-security awesome-lists nginx-security api-security nginx-environment

UpdatedOct 24, 2023

The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.

owasp api-rest api-security api-hacking api-security-testing offat

UpdatedNov 21, 2024
Python

wallarm /api-firewall

Star602

Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.

api security api-gateway proxy firewall swagger openapi waf apigateway api-wrapper openapi-spec openapi-specification web-application-firewall security-tools web-application-security api-security rest-security api-firewall openapi-security api-waf

UpdatedFeb 27, 2025
Go

openclarity /apiclarity

Star528

An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API security risks.

kubernetes microservices microservice swagger wasm openapi k8s openapi-spec service-mesh openapi-specification envoy istio api-security shadow-api zombie-api

UpdatedOct 8, 2024
Go

Mehdi0x90 /Web_Hacking

Star522

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

security exploit hacking owasp cheatsheet enumeration penetration-testing vulnerability recon bugbounty pentest bypass payloads websecurity web-application-security redteam api-security webhacking bug-bounty-hunters api-pentest

UpdatedMar 5, 2025

adhocore /php-jwt

Sponsor

Star297

Ultra lightweight, dependency free and standalone JSON web token (JWT) library for PHP5.6 to PHP8.4+. This library makes JWT a cheese. It is a minimal JWT integration for PHP.

php jwt oauth2 php7 php-jwt jwt-authentication json-web-signature json-web-token jwt-auth php8 api-security json-web-token-php api-auth adhocore

UpdatedFeb 18, 2025
PHP

mytechnotalent /Go-Hacking

Star215

A FREE comprehensive online Go hacking tutorial utilizing the x64, ARM64 and ARM32 architectures going step-by-step into the world of reverse engineering Golang from scratch.

go windows api golang arm system hack reverse-engineering intel hacking distributed systems cybersecurity ida ida-pro arm64 cyber api-security arm32 api-services

UpdatedAug 30, 2023
Go

Improve this page

Add a description, image, and links to theapi-security topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with theapi-security topic, visit your repo's landing page and select "manage topics."

Learn more

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly